
Craft Ghidra structs in python

Project description

Strudra

Welcome to Strudra, a way to craft Ghidra structs in python, using ghidra_bridge.

How Strudra Works

Strudra loads all structs from Ghidra. For this to work, you have to set up ghidra_bridge in Ghidra: https://github.com/justfoxing/ghidra_bridge/

Then, you can create instances of these structs, set values in them, and edit them. This is useful if you want to interact with your target.

How to Strud

First, install using pip install --user strudra. Afterwards, you can init a Strudra object. For this, you first have to set up and start ghidra_bridge in Ghidra.

Then, you can create a new strudra object.

from strudra import strudra

sd = strudra.Strudra()

You can pass in a custom Ghidra Bridge here, if you like. By default, it will serialize all data received from Ghidra to struds.json, and reload from there if Ghidra Bridge is not available. You can pass in a different filename to cache to, or None to disable caching. You can even pass force_from_file=True, if you don't want any Ghidra interaction in subsequent runs.

We can now use all structs from Ghidra, but let's add one just for this example.

sd.add_struct("struct test{ int test1; char test2[2]; };")

Creating a Strud

Now, we can access the new test struct from Ghidra. We can already set values in the constructor:

test_struct = sd.test(test1=0x1337)

We can use struct members by name or by offset:

assert (test_struct.test1 == test_struct[0x0])

Arrays work, too!

test_struct.test2 = [0x42, 0x42]

Oh, and nested structs are fine as well, just try it! ;)

Reload

After having reversed new Structs in Ghidra, call reload on the Strudra object to get the latest updates.

Serialize

At the end, we can get the serialized bytes back, with all members in the correct byte order, and use them, for example, in pwntools.

bytes(test_struct)
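What such a serialization looks like for the struct test defined above, as an added example built on the standard-library ctypes module instead of Strudra (it is not the project's code and says nothing about Strudra's internals). It assumes a little-endian target, a 4-byte int and natural alignment; the names StructTest, field_at, get_by_offset, build and parse are made up for this illustration.

```python
import ctypes


class StructTest(ctypes.LittleEndianStructure):
    """struct test { int test1; char test2[2]; };  (assumed: 4-byte int, little-endian)"""
    _fields_ = [
        ("test1", ctypes.c_int32),
        ("test2", ctypes.c_uint8 * 2),
    ]


def field_at(cls, offset):
    """Return the name of the member that starts at the given byte offset."""
    for name, _ctype in cls._fields_:
        if getattr(cls, name).offset == offset:
            return name
    raise KeyError(f"no member starts at offset {offset:#x}")


def get_by_offset(obj, offset):
    """Read a member by offset instead of by name; arrays come back as lists."""
    value = getattr(obj, field_at(type(obj), offset))
    return list(value) if isinstance(value, ctypes.Array) else value


def build():
    """Fill the struct with the values used in the walkthrough above."""
    t = StructTest(test1=0x1337)
    t.test2 = (ctypes.c_uint8 * 2)(0x42, 0x42)
    return t


def parse(raw):
    """Map bytes read back from the target onto the struct, rejecting short reads."""
    if len(raw) < ctypes.sizeof(StructTest):
        raise ValueError("buffer shorter than struct test")
    return StructTest.from_buffer_copy(raw)


if __name__ == "__main__":
    t = build()
    raw = bytes(t)
    # Natural alignment pads the 6 bytes of members to sizeof == 8; the two
    # trailing zero bytes are padding, which matters when the payload must
    # match the target's layout exactly.
    print(raw.hex(" "), "sizeof =", ctypes.sizeof(StructTest))
    print(hex(get_by_offset(t, 0x0)), get_by_offset(t, 0x4))
    print(hex(parse(raw).test1))
```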

Enjoy a new reverse engineering experience.
